[Samba] Re: Trusted domain user login
Carlos Lorenzo Matés
clmates at mundo-r.com
Thu Jan 31 19:32:28 GMT 2008
El Jueves, 31 de Enero de 2008, Carlos Lorenzo Matés escribió:
> El Miércoles, 30 de Enero de 2008, Thorkil Olesen escribió:
> > Carlos Lorenzo Matés <clmates <at> mundo-r.com> writes:
> > > > Maybe you should try:
> > > >
> > > > wbinfo -a NTDOMAIN\\clorenzo%myrealpassword
> > >
> > > This was my first try and it says exactly the same.
> > Well, that should work.
> > > We have the very same users groups and passwords in the
> > > NT Domain and in the
> > > samba Domain, our samba domain uses ldap for storage.
> > It doesn't make sense to have same users in both domains.
> We make this because we are migrating the NT domain to a samba domain and
> this was the best option to make this transparent for users
> > >From samba's point of view users in different domains are
> > not the same even though they have same username and
> > password. They will still have different SIDs.
> > > Here is our nsswitch.conf
> > (...)
> > > passwd: files ldap
> > > group: files ldap
> > (...)
> > > passwd_compat: ldap winbind
> > > group_compat: ldap winbind
> > (...)
> > Why do you put winbind at 'passwd_compat' instead of 'passwd'?
> I don't know I'm going to revise this, thanks
Well, teste with the winbind added behind passwd and group and now getent
returns the NT Domain users and groups also, as you said.
getent shadow only returns the ldap shadows
btw the wbinfo -a was not working because i was only seting an \ betwen the
domain name and the user name, and must be \\. Now is working regardless the
but the trust still does not work fine
Carlos Lorenzo Matés.
clmates AT mundo-r DOT com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 194 bytes
Desc: This is a digitally signed message part.
Url : http://lists.samba.org/archive/samba/attachments/20080131/a1a85727/attachment.bin
More information about the samba